Cyber Security

Cyber Crime Amidst Earthquake Tragedy

Ben Pignatelli for Distilled Post

Since the 6th February, Türkiye and Syria have been hit by at least three devastating earthquakes, one recording a monster 7.8 on the Richter scale, the biggest natural disaster in Turkish or Syrian recent history. The earthquakes hit the southeastern Turkish regions of Gaziantep, Kahramanmaraş, and Defne, three regions bordering or close to the border with Syria.

As of this week, more than 53,500 deaths have been recorded between the two countries, with over a million made homeless. There has been widespread support from the international community to help Turkey (less so with Syria due to Western sanctions on the country as well as the continuing conflict). Rescue dogs, money and other forms of aid have been sent from over sixteen countries. 

Black Hats using disaster to prey on weak

Although there has been much support, there are those who have used the disaster as an opportunity to profit. There have been several attempts at scamming in various forms. Phishing emails are common, appearing to come from a legitimate charity in the hopes of duping the public. QR codes have similarly been utilised as a potential scam technique, due to the ease at which they can be used.

Many of the scams came on social media platforms like Tiktok. These posts often have a picture of destroyed buildings, and people - often children - in need of help. Many of these have been created through text-to-image generations or similar AI tools. One picture of a fireman and child that has been spread across Tik Tok has been proven to be a construction of Midjourney. 

Many of the posts are pixelated pictures with a caption like ‘Let’s help Turkey’. One photo of a distressed child is in fact from a 2018 attack on Kurdish militia forces. Whether this picture was used just to gain sympathy, or was part of a politically motivated attack in response to the attacks on the Kurds, is as yet unclear. 

The money donated is being channelled away into private Tik Tok accounts, private Paypal accounts or cryptocurrency wallets. Donating to Tik Tok even if it is a verified charity has been flagged as suspect, as a BBC investigation stated up to 70% of the donation is taken by Tiktok themselves. 

Russian-backed hackers more serious concern

Whereas many of these scams have been successful, the revenue is in the hundreds of dollars at a time, and therefore is relatively small. More serious is the Russian-backed hackers whose attacks on Nato have disrupted aid to Türkiye and Syria.

An attack credited to Killnet (a Russia-backed cyber criminal gang) on Monday 13th February disrupted a C17 aircraft’s communications while it was trying to provide support for victims. Killnet used a DDos (Distributed Denial of Service) attack to disrupt the Nato website. Nato and SAC (the Strategic Airlift Capability) were helping transport search and rescue equipment to affected areas. The attack was said to have lasted several hours.

Killnet’s aim is to disrupt the military and government capabilities of countries that support Ukraine. 

NASA and ESA voice concern

“In order to support the assessment of the impact of the earthquakes that hit Turkey and Syria, we require imagery with the highest possible spatial resolution over many areas of interest,” said Philippe Bally of ESA.

The attack on the C17 is a problematic reality for the ESA, NASA, and other groups who are trying to help. Cyber disruption will only slow things down, and delays in this instance will mean the difference between life and death for thousands of people. NATO have previously warned attacks of this nature could trigger a collective response, although as of yet no such response from NATO seems incoming, and it is unclear how they will respond.